def edit_post(id): post = Post.query.get_or_404(id) if not current_user: return redirect(url_for('main.login')) if current_user != post.users: return redirect(url_for('blog.post', post_id=id)) # 当 user 是 poster 或者 admin 时, 才能够编辑文章 permission = Permission(UserNeed(post.users.id)) if permission.can() or admin_permission.can(): form = PostForm() if form.validate_on_submit(): post.title = form.title.data post.text = form.text.data post.publish_date = datetime.datetime.now() # Update the post db.session.add(post) db.session.commit() return redirect(url_for('blog.post', post_id=post.id)) # Still retain the original content, if validate is false. form.title.data = post.title form.text.data = post.text return render_template('edit_post.html', form=form, post=post) else: abort(403)
def test_post_form_invalid(self): form = PostForm(data={ 'title': '', 'content': '', 'tags': '', 'category': 0 }) self.assertFalse(form.is_valid())
def test_post_form_valid(self): form = PostForm( data={ 'title': 'Hi there', 'content': 'This is content', 'tags': 'tag1, tag2', 'category': 1 }) self.assertTrue(form.is_valid())
def new_post(): form = PostForm() if form.validate_on_submit(): title = form.title.data body = form.body.data category = Category.query.get(form.category.data) post = Post(title=title, body=body, category=category, author=current_user) db.session.add(post) db.session.commit() flash('博文已创建.', 'success') return redirect(url_for('blog.show_post', post_id=post.id)) return render_template('admin/new_post.html', form=form)
def edit_post(post_id): form = PostForm() post = Post.query.get_or_404(post_id) if form.validate_on_submit(): post.title = form.title.data post.body = form.body.data post.category = Category.query.get(form.category.data) db.session.commit() flash('博文已更新.', 'success') return redirect(url_for('blog.show_post', post_id=post.id)) form.title.data = post.title form.body.data = post.body form.category.data = post.category_id return render_template('admin/edit_post.html', form=form)
def new_post(): form = PostForm() if form.validate_on_submit(): title = form.title.data content = form.content.data timestamp = form.timestamp.data body = form.body.data category = Category.query.get(form.category.data) post = Post(title=title, body=body, category=category, content=content, timestamp=timestamp) db.session.add(post) db.session.commit() flash('新文章创建成功!', 'success') return redirect(url_for('blog.show_post', post_id=post.id)) return render_template('admin/new_post.html', form=form)
def new_post(): form = PostForm() #Flask-Login 提供了一个代理对象 current_user 来访问和表示当前登录的对象, 这个对象在视图或模板中都是能够被访问的. # 所以我们常在需要判断用户是否为当前用户时使用(EG. 用户登录后希望修改自己创建的文章). if not current_user: return redirect(url_for('main.login')) if form.validate_on_submit(): new_post = Post(id=str(uuid4()), title=form.title.data) new_post.text = form.text.data new_post.publish_date = datetime.datetime.now() db.session.add(new_post) db.session.commit() return redirect(url_for('blog.home')) return render_template('new_post.html', form=form)